CVE-2024-5455

8.8 HIGH

📋 TL;DR

This vulnerability in the Plus Addons for Elementor WordPress plugin allows authenticated attackers with Contributor-level access or higher to perform Local File Inclusion via the 'magazine_style' parameter. This enables execution of arbitrary PHP code on the server, potentially leading to data theft, access control bypass, or full system compromise. All WordPress sites using vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:
  • Plus Addons for Elementor Page Builder plugin for WordPress
Versions: All versions up to and including 5.5.4
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Contributor-level WordPress user account or higher. Elementor plugin must be installed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full server compromise leading to data exfiltration, ransomware deployment, or complete site takeover through arbitrary code execution.

🟠 Likely Case

Unauthorized file access, privilege escalation to administrator, and installation of backdoors or malware on the WordPress site.

🟢 If Mitigated

Limited impact if proper file permissions restrict PHP execution and the web server runs with minimal privileges.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but is straightforward once an attacker has Contributor privileges.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.5.5 or later

Vendor Advisory: https://roadmap.theplusaddons.com/updates/

Restart Required: No

Instructions:

1. Log into WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Plus Addons for Elementor'.
4. Click 'Update Now' if available, or download version 5.5.5+ from WordPress repository.
5. Activate updated plugin.

🔧 Temporary Workarounds

Disable Dynamic Smart Showcase Widget (all platforms)

Temporarily disable the vulnerable widget component

Restrict Contributor File Uploads (all platforms)

Limit file upload capabilities for Contributor-level users

🧯 If You Can't Patch

  • Immediately deactivate and remove the Plus Addons for Elementor plugin
  • Implement strict file permission controls and disable PHP execution in upload directories

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Installed Plugins for 'Plus Addons for Elementor' version 5.5.4 or lower

Check Version:

wp plugin list --fields=name,title,version | grep -i 'plus addons'

Verify Fix Applied:

Confirm plugin version is 5.5.5 or higher in WordPress admin panel

📡 Detection & Monitoring

Log Indicators:

  • Unusual file inclusion attempts in web server logs
  • POST requests containing 'magazine_style' parameter with file paths
  • PHP execution from non-standard locations

Network Indicators:

  • HTTP requests to plugin files with suspicious parameter values
  • Unexpected file uploads to media directories

SIEM Query:

web.url:*magazine_style* AND web.method:POST
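
The log indicator above (POST requests carrying 'magazine_style' with a file path) can be checked offline with the added example below, which is not code from the plugin or its vendor. It assumes request bodies are captured (for instance in a WAF audit log) as tab-separated method, URL and body; that record layout, the /example-endpoint path, the sample lines and the rule that a legitimate style value contains no path characters are all assumptions of this example.

```python
import re
from urllib.parse import unquote_plus

# The parameter as a form field (magazine_style=value) or as a JSON member
# ("magazine_style":"value"); group 1 captures the value.
PARAM_RE = re.compile(r'"?magazine_style"?\s*[=:]\s*"?([^"&,}\s]*)')
# Characters a file path needs but a plain style name does not (assumption).
PATH_HINTS = re.compile(r'\.\.|[/\\\x00]|\.php', re.I)

def fully_decode(text, rounds=3):
    """Undo repeated URL-encoding so %252e%252e is seen as '..'."""
    for _ in range(rounds):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    return text

def suspicious_values(method, payload):
    """Return magazine_style values that look like file paths (POST only)."""
    if method.upper() != "POST":  # the page's indicator is limited to POST
        return []
    decoded = fully_decode(payload).replace('\\/', '/')  # JSON-escaped slash
    return [v for v in PARAM_RE.findall(decoded) if PATH_HINTS.search(v)]

def scan(lines):
    """Yield (line_number, values) for each flagged record."""
    hits = []
    for number, line in enumerate(lines, 1):
        parts = line.rstrip("\n").split("\t")
        if len(parts) != 3:
            continue  # not in the assumed method/URL/body layout
        method, url, body = parts
        values = suspicious_values(method, url + "&" + body)
        if values:
            hits.append((number, values))
    return hits

# Constructed sample records, not taken from real traffic.
SAMPLE = [
    "POST\t/example-endpoint\tmagazine_style=style-1&title=News",
    "POST\t/example-endpoint\tmagazine_style=..%2F..%2Fuploads%2Fnote.txt",
    "POST\t/example-endpoint\tdata=%7B%22magazine_style%22%3A%22%252e%252e%255cx%22%7D",
    "GET\t/example-endpoint?magazine_style=../x\t",
]

if __name__ == "__main__":
    for number, values in scan(SAMPLE):
        print(f"record {number}: suspicious magazine_style {values!r}")
```

Records 2 and 3 are flagged; record 3 shows why decoding is repeated, since a doubly encoded value hidden inside a JSON field would pass a single-pass check.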
